An unsecured database containing over 61 million records related to wearable technology and fitness services was left exposed online.
On Monday, WebsitePlanet, together with cybersecurity researcher Jeremiah Fowler, said the database belonged to GetHealth.
On June 30, 2021, the team discovered a database online that was not password protected.
The researchers said that over 61 million records were contained in the data repository, including vast swathes of user information — some of which could be considered sensitive — such as their names, dates of birth, weight, height, gender, and GPS logs, among other datasets.
While sampling a set of approximately 20,000 records to verify the data, the team found that the majority of data sources were from Fitbit and Apple’s HealthKit.
